How to set authmode using TLSWrapper in mbedos 5.11

11 Feb 2019

I'm writing an AWS Greengrass client-side application using Mbed OS 5.11. To brief about the application: first we do an HTTPS request to AWS using the root CA and client authentication. In response, the AWS cloud sends back JSON data containing the Greengrass core root CA, IP address and port. The client-side application then uses the root CA certificate to make an MQTT connection (IP address, port) to the Greengrass core.

Here is the issue: I'm seeing a TLS failure when it connects to the Greengrass core.

When I debugged further, I found that server certificate validation fails (mbedtls_x509_crt_verify_restartable -> x509_crt_verify_name).

So what I understood is that the common name is not matching.

So I want to know how to set the peer common name using TLSWRAPPER.

When I look into the TLS wrapper code, these are my observations:

1) Why is TLSSocketWrapper::get_ssl_config() -> mbedtls_ssl_conf_authmode hardcoded to authmode_required? It should be user configurable.

2) I didn't find a way to pass the peer common name from the application.

NOTE: The client-side application is written in C++.